<?php
session_start();
date_default_timezone_set("Europe/Madrid");
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
    <title></title>
	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
	<link href="StyleSheet.css" rel="stylesheet" type="text/css" />
</head>
<body>	
<div id="main_div">
<!--Header-->
<div id="header" >
<a>Connect-4<img alt="discs" src="images/discs.png"/></a>
<!--LogIn-->
<div id="login">
<div id="cont_login">
<?php
if(isset($_SESSION ["s_UserName"])){
		
			echo "<form action='header.php' method='post'>";
			echo "<a>User logged as </a><a class='usrname'>" . $_SESSION ['s_UserName'] . "</a>";
			echo "<input type='submit' value='Log-Out' name='logout' class='button_login' />"; 
			echo "</form>";			
	}
	else{
	echo <<<_HTML
	
	<form action="header.php" method="post">
	   <a>User name:</a>
	   <input type="text" name="username" class="textbox"/>
	   <a>Password:</a>
	   <input type="password" name="password" class="textbox"/><br />
	   <input type="submit" value="Log-in" class="button_login" name='login' />
	   </form>
_HTML;
}

if($_REQUEST["logout"]=='Log-Out'){

	unset($_SESSION ["s_UserName"]);
	echo "<META HTTP-EQUIV='Refresh' CONTENT='0; URL=index.php'>";	
}

if ($_REQUEST["login"]=='Log-in')
{ 	

// Handle the form.
	require("settings.php");

		// Connect and select:
		$dbc = mysql_connect($server, $username, $password);
		mysql_select_db('sjoconnect4', $dbc) or die ('Can´t select database') ;

		// Validate the form data:
		$problem = FALSE;
		
		 if ($_POST['username']) 
		 {
			$User=trim(strtolower($_POST['username']));
			$Pass=trim(strtolower($_POST['password']));
		 }
			if(empty ($User) || empty ($Pass))
			{
			 echo "<a style='color:red;'>Error: empty fields</a>";
			}
	else
	{
		$query=mysql_query("SELECT UserName,Password FROM Players where UserName='$User'") or die (mysql_error());
		$data=mysql_fetch_array($query);


		if($data['Password']!=md5($Pass))
		{
			echo "<a style='color:red'>Incorrect Login</a>";
		}
		
		else
		   {
			$query=mysql_query("SELECT UserName,Password FROM Players where UserName='$User'")or die (mysql_error());
			$row=mysql_fetch_array($query);
			$_SESSION ["s_UserName"]=$row['UserName'];
			
			echo "<META HTTP-EQUIV='Refresh' CONTENT='0; URL=currentgames.php'>";
			
		   }
	} 
		mysql_close($dbc); // Close the connection.
}
?>


</div>
</div>
</div>
<!--Menu-->
<div id="menu">
<a href="index.php" id="signup" class="<?php if($_SERVER['REQUEST_URI']=='/connect4/index.php' || $_SERVER['REQUEST_URI']=='/connect4/'){echo "buttoncurrent";}else{echo "button";}?>">SIGN UP</a>
<a href="newgame.php" id="newgame" class="<?php if($_SERVER['REQUEST_URI']=='/connect4/newgame.php'){echo "buttoncurrent";}else{echo "button";}?>">NEW GAME</a>
<a href="currentgames.php" id="currentgame" class="<?php if($_SERVER['REQUEST_URI']=='/connect4/currentgames.php'){echo "buttoncurrent";}else{echo "button";}?>">CURRENT GAMES</a>
<a href="stats.php" id="stats" class="<?php if($_SERVER['REQUEST_URI']=='/connect4/stats.php'){echo "buttoncurrent";}else{echo "button";}?>">STATS</a>
</div>
<!--Contenido-->
<div id="content">
<div id="subcontent">